They could have just made it an option to enable the new behavior. There was no need to change the default.
As for security: 'shoulder surfing' may not be as much of a concern, but watching a livestream or presentation of someone who uses sudo will now expose the password length over the internet (and it's recorded for posterity, so all the hackers can find it later!). They've just introduced a new vulnerability to the remote world.
Why no need to make it the default? I’m all for rethinking legacy decisions.
It helps 99% of the user base and the security risk seems negligible.
I feel like livestreaming is a good example of an unusual situation where one might consider changing defaults that are otherwise good for the majority of users.
Also, I think the vulnerability of knowing that someone's password is exactly 19 characters long is low enough to be worth the tradeoff. Especially since someone on a livestream can also figure that out by listening for the keypresses.
If your sudo password can be exposed by its length then you need a longer password. Hiding the length is just security theatre.
In your specific example livestreams usually have audio so the length is already public.
There was already an option for a very long time, and in fact Mint had already changed the default a long time ago (see e.g. https://forums.linuxmint.com/viewtopic.php?p=1572457).
Changing the default is the point, because people often just don't look into whether it's possible to configure things. They might not even get the idea that the asterisk feedback could be possible, or useful, until it's shown to them.
An accessibility feature helps more people if it is on by default.
This is a very specific fear for a very niche sector of the userbase. sudo is the only case of a silent password I've encountered in my life and it's really uncomfortable.
Someone live streaming is well attuned to the dangers of exposing personal information on screen, and will hesitate before ever typing a password while streaming. They'll either disable this feature or open a root shell before beginning their stream.
Besides, I can just amplify their stream to hear their keypresses.